<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>单点登录技术全景图</title>
    <link href="https://cdn.staticfile.org/font-awesome/6.4.0/css/all.min.css" rel="stylesheet">
    <link href="https://cdn.staticfile.org/tailwindcss/2.2.19/tailwind.min.css" rel="stylesheet">
    <link href="https://fonts.googleapis.com/css2?family=Noto+Serif+SC:wght@400;500;600;700&family=Noto+Sans+SC:wght@300;400;500;700&display=swap" rel="stylesheet">
    <script src="https://cdn.jsdelivr.net/npm/mermaid@latest/dist/mermaid.min.js"></script>
    <style>
        body {
            font-family: 'Noto Sans SC', Tahoma, Arial, Roboto, "Droid Sans", "Helvetica Neue", "Droid Sans Fallback", "Heiti SC", "Hiragino Sans GB", Simsun, sans-serif;
        }
        .hero-gradient {
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
        }
        .card-hover {
            transition: all 0.3s ease;
        }
        .card-hover:hover {
            transform: translateY(-5px);
            box-shadow: 0 20px 40px rgba(0,0,0,0.1);
        }
        .text-gradient {
            background: linear-gradient(135deg, #667eea 0%, #764ba2 100%);
            -webkit-background-clip: text;
            -webkit-text-fill-color: transparent;
        }
        .drop-cap::first-letter {
            float: left;
            font-size: 4rem;
            line-height: 3rem;
            padding-right: 0.5rem;
            font-weight: 700;
            color: #667eea;
        }
        .protocol-badge {
            background: linear-gradient(135deg, #f093fb 0%, #f5576c 100%);
        }
        .opensource-badge {
            background: linear-gradient(135deg, #4facfe 0%, #00f2fe 100%);
        }
        .commercial-badge {
            background: linear-gradient(135deg, #fa709a 0%, #fee140 100%);
        }
        @keyframes float {
            0% { transform: translateY(0px); }
            50% { transform: translateY(-10px); }
            100% { transform: translateY(0px); }
        }
        .float-animation {
            animation: float 3s ease-in-out infinite;
        }
    </style>
</head>
<body class="bg-gray-50">
    <!-- Hero Section -->
    <section class="hero-gradient text-white py-20 px-6">
        <div class="max-w-6xl mx-auto">
            <div class="text-center">
                <div class="mb-6 float-animation">
                    <i class="fas fa-key text-6xl opacity-90"></i>
                </div>
                <h1 class="text-5xl md:text-6xl font-bold mb-6">单点登录技术全景</h1>
                <p class="text-xl md:text-2xl opacity-90 max-w-3xl mx-auto leading-relaxed">
                    一次登录，畅游所有应用。探索现代企业身份认证的核心技术与最佳实践。
                </p>
            </div>
        </div>
    </section>

    <!-- Introduction Section -->
    <section class="py-16 px-6">
        <div class="max-w-4xl mx-auto">
            <div class="bg-white rounded-2xl shadow-xl p-10">
                <h2 class="text-3xl font-bold mb-6 text-gray-800">
                    <i class="fas fa-fingerprint text-purple-600 mr-3"></i>
                    什么是单点登录？
                </h2>
                <p class="text-lg text-gray-700 leading-relaxed drop-cap">
                    单点登录（SSO，Single Sign-On）是一个允许用户通过一次登录来访问多个应用系统的认证机制。除了 Spring Session，单点登录可以通过多种协议和工具来实现，如 OAuth 2.0 / OpenID Connect、SAML、CAS、Keycloak、IdentityServer、Shibboleth 和 Auth0。每种方案都有其特点和适用场景，可以根据项目需求选择合适的解决方案。
                </p>
            </div>
        </div>
    </section>

    <!-- Technology Overview Diagram -->
    <section class="py-16 px-6 bg-gray-100">
        <div class="max-w-6xl mx-auto">
            <h2 class="text-4xl font-bold text-center mb-12 text-gray-800">
                <i class="fas fa-network-wired text-purple-600 mr-3"></i>
                SSO 技术架构图
            </h2>
            <div class="bg-white rounded-2xl shadow-xl p-8">
                <div class="mermaid">
                    graph TB
                        subgraph "身份认证协议"
                            A[OAuth 2.0]
                            B[OpenID Connect]
                            C[SAML]
                        end
                        
                        subgraph "开源解决方案"
                            D[CAS]
                            E[Keycloak]
                            F[IdentityServer]
                            G[Shibboleth]
                        end
                        
                        subgraph "商业解决方案"
                            H[Auth0]
                        end
                        
                        I[用户] --> J[SSO 系统]
                        J --> A
                        J --> B
                        J --> C
                        J --> D
                        J --> E
                        J --> F
                        J --> G
                        J --> H
                        
                        A --> K[应用系统1]
                        B --> K
                        C --> L[应用系统2]
                        D --> L
                        E --> M[应用系统3]
                        F --> M
                        G --> N[应用系统4]
                        H --> N
                </div>
            </div>
        </div>
    </section>

    <!-- Solutions Grid -->
    <section class="py-16 px-6">
        <div class="max-w-7xl mx-auto">
            <h2 class="text-4xl font-bold text-center mb-12 text-gray-800">
                <i class="fas fa-th-large text-purple-600 mr-3"></i>
                主流 SSO 解决方案
            </h2>
            
            <div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-8">
                <!-- OAuth 2.0 / OpenID Connect -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-purple-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-shield-alt text-purple-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">OAuth 2.0 / OIDC</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full protocol-badge mb-4">协议标准</span>
                    <p class="text-gray-600 mb-4">OAuth 2.0 是授权框架，OpenID Connect 在其基础上提供身份验证功能。</p>
                    <div class="space-y-2">
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>广泛支持的行业标准</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>适合现代 Web 应用</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>支持移动应用场景</p>
                    </div>
                </div>

                <!-- SAML -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-indigo-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-file-code text-indigo-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">SAML</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full protocol-badge mb-4">协议标准</span>
                    <p class="text-gray-600 mb-4">基于 XML 的身份验证标准，在企业环境中广泛使用。</p>
                    <div class="space-y-2">
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>企业级成熟方案</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>跨域身份联邦</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>高度安全性</p>
                    </div>
                </div>

                <!-- CAS -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-blue-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-university text-blue-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">CAS</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full opensource-badge mb-4">开源方案</span>
                    <p class="text-gray-600 mb-4">耶鲁大学开发的开源单点登录协议，简单易用。</p>
                    <div class="space-y-2">
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>配置简单</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>教育机构广泛使用</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>支持多种认证方式</p>
                    </div>
                </div>

                <!-- Keycloak -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-green-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-crown text-green-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">Keycloak</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full opensource-badge mb-4">开源方案</span>
                    <p class="text-gray-600 mb-4">Red Hat 开发的全功能身份和访问管理解决方案。</p>
                    <div class="space-y-2">
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>功能全面</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>管理界面友好</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>支持多种协议</p>
                    </div>
                </div>

                <!-- IdentityServer -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-purple-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-server text-purple-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">IdentityServer</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full opensource-badge mb-4">开源方案</span>
                    <p class="text-gray-600 mb-4">基于 .NET 的开源身份认证框架，支持现代协议。</p>
                    <div class="space-y-2">
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>.NET 生态系统集成</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>高度可定制</p>
                        <p class="text-sm text-gray-700"><i class="fas fa-check text-green-500 mr-2"></i>活跃的社区支持</p>
                    </div>
                </div>

                <!-- Auth0 -->
                <div class="bg-white rounded-xl shadow-lg p-8 card-hover">
                    <div class="flex items-center mb-4">
                        <div class="w-12 h-12 bg-orange-100 rounded-lg flex items-center justify-center mr-4">
                            <i class="fas fa-cloud text-orange-600 text-xl"></i>
                        </div>
                        <h3 class="text-2xl font-bold text-gray-800">Auth0</h3>
                    </div>
                    <span class="inline-block px-3 py-1 text-xs text-white rounded-full commercial-badge mb-4">商业方案</span>
                    <p class="text-gray-600 mb-4">云端身份认证平台，提供即用型解决方案。</p>
                    <div class="space-y-2">
                        <p